VYPR
Unrated severityNVD Advisory· Published Dec 18, 2025· Updated Apr 7, 2026

EasyPHP Webserver 14.1 Path Traversal via Directory Traversal Sequences

CVE-2023-53944

Description

EasyPHP Webserver 14.1 contains a path traversal vulnerability that allows remote users with low privileges to access files outside the document root by bypassing SecurityManager restrictions. Attackers can send GET requests with encoded directory traversal sequences like /..%5c..%5c to read system files such as /windows/win.ini.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Roxen/Webserverllm-fuzzy
    Range: = 14.1
  • Easyphp/EasyPHP Webserverv5
    Range: 14.1

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.